Successful logins are cached by the SecurityManager and maybe others.This results in some problems as not every login goes through the configured LoginModules.I am using a custom LoginModule which also does accounting by logging the logins per user.Now I have two questions:1. Is it possible to disable that caching so that every login is passed through the configured LoginModules? and if yes how?2. Can I guarantee that every logout (either by explicitly killing the user's web session or by a session removal due to a timeout) is passed through the configured LoginModules logout() method?